Is the solution HIPAA, PCI, or GDPR compliant, and what compromises will I need to make?

Yes, Invoca takes data security and customer privacy very seriously. For healthcare Invoca is HIPAA compliant and will sign a BAA. In addition, Invoca is GDPR, CCPA compliant, maintains PCI DSS, Privacy Shield and TRUSTe certifications. Invoca provides customers controls around call recording, data redaction and data access. Learn more about Invoca’s compliance and cloud-based security infrastructure here: https://www.invoca.com/product/security-compliance With many call tracking platforms, you need to make serious compromises in order to maintain compliance. For instance, many platforms claim HIPAA or PCI DSS compliance, but with the caveat that call recordings and transcriptions must be turned off. This drastically limits the amount and type of insights that can be gathered effectively reducing those platforms to providing call counts and not much more. Invoca customers do not need to make such sacrifices. Features such as automatic call redaction allow for the recording and transcribing of calls to gather those rich insights all while maintaining compliance. Turning off recordings and transcripts removes the ability to detect call outcomes from the phone conversation and optimize based off those calls.

Yes, Invoca supports HIPAA for healthcare and PCI DSS for financial services. Additionally, Invoca is GDRP compliant, Privacy Shield and TRUSTe certified, and provides controls for call recording, data redaction and data access. If you work in a highly-regulated business like healthcare or banking, understanding how call tracking will affect your compliance must be a priority. Invoca supports HIPAA for healthcare and PCI DSS for financial services. Additionally, Invoca is GDRP compliant, Privacy Shield and TRUSTe certified, and provides controls for call recording, data redaction and data access. Learn more about Invoca’s cloud security and infrastructure here: https://www.invoca.com/product/cloud-security-infrastructure/ Potential pitfalls to look out for when evaluating call tracking vendors: With many call tracking platforms, you need to make compromises in order to maintain compliance. For instance, some platforms that claim HIPAA compliance, but only meet it by turning call transcription and recording off completely. Automatic call redaction (which uses speech recognition to remove sensitive information from call recordings and transcripts) is required to record calls and meet HIPAA standards. Keep in mind that if you turn off transcription, you won’t be able to extract insights or detect call outcomes from the phone conversation.